
Avast CTO Explains What Went Wrong in CCleaner Attack

SAN FRANCISCO—The importance of doing cyber-security due diligence prior to acquiring a company is something that security vendor Avast learned the hard way.

In September 2017, the CCleaner tool that is widely used by consumers was found to have been injected with malware by hackers. The malware discovery came months after Avast acquired Piriform, the company that makes CCleaner.

In a video interview with eWEEK at the RSA Conference here, Ondrej Vlcek, CTO of Avast, provided insight into what happened in that incident and best practices so others can avoid the same issue.

Lessons Learned

He noted that most companies focus just on the financial and legal aspects of a company they plan to acquire, but that's not enough in the modern threat landscape.

Another key lesson is that in a supply chain attack, relying on digital signatures might not be the best approach to guaranteeing code integrity. Vlcek said that many endpoint security products whitelist technologies that have been digitally signed by a software developer. In the CCleaner attack, the hackers were able to inject themselves into the supply chain, and the maliciously modified code was still signed with the original certificate.

Vlcek said that Avast has added capabilities to its products to address the CCleaner type of attack in the future.

Watch the video interview with Vlcek above.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.